Re: [VOTE] Release Apache Maven Enforcer Plugin version 3.1.0

2022-06-07 Thread Michael Osipov 

Am 2022-06-07 um 17:30 schrieb Slawomir Jaranowski:

Hi,

We solved 13 issues:
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317520=12341008


There are still a couple of issues left in JIRA:
https://issues.apache.org/jira/issues/?jql=project%20%3D%20MENFORCER%20AND%20resolution%20%3D%20Unresolved%20ORDER%20BY%20key%20DESC

Staging repo:
https://repository.apache.org/content/repositories/maven-1761/
https://repository.apache.org/content/repositories/maven-1761/org/apache/maven/enforcer/enforcer/3.1.0/enforcer-3.1.0-source-release.zip

Source release checksum(s):
enforcer-3.1.0-source-release.zip - SHA-512 :
7f39b05774cbf0fe51b8660beb9abf723c7c0f0ae87cc472f5045e95f0c535cb7810703007059dda6676ea08eca379dd628a6394651224110bf3dd95a4966580

Staging site:
https://maven.apache.org/enforcer-archives/enforcer-LATEST/

Guide to testing staged releases:
https://maven.apache.org/guides/development/guide-testing-releases.html

Vote open for at least 72 hours.


Now this looks good!


-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [RESULT] [VOTE] Apache Maven Surefire 3.0.0-M7

2022-06-07 Thread David Karr 
Now that M7 is released, I have a feeling I know the answer to this, but
what are your thoughts about when a full release will go out with these
latest changes? I'm currently evaluating whether we can upgrade our
internal platform to support Junit 5.  As far as we know, M7 will address
the last problem we were seeing (buffer overflow), and we'll be testing
that this morning, but my "platform" team only has a small set of services
we can easily test platform upgrades with.  Our platform is used by a large
number of services.  Using a "beta" version carries some amount of
indeterminate risk (sort of redundant), so I have to be more careful about
planning for contingencies if we discover unexpected problems from the M7
version in other services we don't directly support.  Those contingencies
include staying on Surefire 2.22.0, but still using Spring Boot 2.3.12
(upgrading this will be coming soon), and only using JUnit 4.


On Mon, Jun 6, 2022 at 4:16 PM Olivier Lamy  wrote:

> Hi
> The vote has passed.
> +1 Enrico, Hervé, Michael, Romain, Slawomor, Olivier
>
> PMC quorum reached. I will continue the release process.
>
> cheers
> Olivier
>

Re: [VOTE] Release Apache Maven version 3.8.6

2022-06-07 Thread Michael Osipov 

Am 2022-06-06 um 19:18 schrieb Michael Osipov:

Hi,

We solved 16 issues:
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12316922=12351556 



There are still hundreds of issues left in JIRA:
https://issues.apache.org/jira/issues/?jql=project%20%3D%20MNG%20AND%20resolution%20%3D%20Unresolved 



Staging repo:
https://repository.apache.org/content/repositories/maven-1759/

Dev dist directory:
https://dist.apache.org/repos/dist/dev/maven/maven-3/3.8.6/

Source release checksums:
apache-maven-3.8.6-src.zip sha512: 
cfa8b7e5f965d4da8d0e098889b98fccf3eec70ac500c452a5257ca9f8b5e75d200ba51d89c0be6e06072255b71d8a0c0f21ee3e3d4ba6152ea72007b497344a 

apache-maven-3.8.6-src.tar.gz sha512: 
03366d0d34bba79ce6f0d5e88390e360fbf2f61c273bc18885a21a6d4dcdf5eca14fe4d902735e4fcb03db32327be086e3927d259c519aa790f42142cfcb 



Binary release checksums:
apache-maven-3.8.6-bin.zip sha512: 
f92dbd90060c5fd422349f844ea904a0918c9c9392f3277543ce2bfb0aab941950bb4174d9b6e2ea84cd48d2940111b83ffcc2e3acf5a5b2004277105fd22be9 

apache-maven-3.8.6-bin.tar.gz sha512: 
f790857f3b1f90ae8d16281f902c689e4f136ebe584aba45e4b1fa66c80cba826d3e0e52fdd04ed44b4c66f6d3fe3584a057c26dfcac544a60b301e6d0f91c26 



Draft for release notes:
https://github.com/apache/maven-site/pull/303


Guide to testing staged releases:
http://maven.apache.org/guides/development/guide-testing-releases.html

Vote open until 2021-06-12T12:00Z


+1

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

Re: [VOTE] Release Apache Maven version 3.8.6

2022-06-07 Thread Dan Tran 
+1 (non-binding) works well with my large internal product build

Thank you for pushing this new version out

-Dan

On Mon, Jun 6, 2022 at 11:30 PM Romain Manni-Bucau 
wrote:

> +1, works well on tested projects and toolings
>
> Romain Manni-Bucau
> @rmannibucau  |  Blog
>  | Old Blog
>  | Github <
> https://github.com/rmannibucau> |
> LinkedIn  | Book
> <
> https://www.packtpub.com/application-development/java-ee-8-high-performance
> >
>
>
> Le lun. 6 juin 2022 à 19:18, Michael Osipov  a écrit
> :
>
> > Hi,
> >
> > We solved 16 issues:
> >
> >
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12316922=12351556
> >
> > There are still hundreds of issues left in JIRA:
> >
> >
> https://issues.apache.org/jira/issues/?jql=project%20%3D%20MNG%20AND%20resolution%20%3D%20Unresolved
> >
> > Staging repo:
> > https://repository.apache.org/content/repositories/maven-1759/
> >
> > Dev dist directory:
> > https://dist.apache.org/repos/dist/dev/maven/maven-3/3.8.6/
> >
> > Source release checksums:
> > apache-maven-3.8.6-src.zip sha512:
> >
> >
> cfa8b7e5f965d4da8d0e098889b98fccf3eec70ac500c452a5257ca9f8b5e75d200ba51d89c0be6e06072255b71d8a0c0f21ee3e3d4ba6152ea72007b497344a
> > apache-maven-3.8.6-src.tar.gz sha512:
> >
> >
> 03366d0d34bba79ce6f0d5e88390e360fbf2f61c273bc18885a21a6d4dcdf5eca14fe4d902735e4fcb03db32327be086e3927d259c519aa790f42142cfcb
> >
> > Binary release checksums:
> > apache-maven-3.8.6-bin.zip sha512:
> >
> >
> f92dbd90060c5fd422349f844ea904a0918c9c9392f3277543ce2bfb0aab941950bb4174d9b6e2ea84cd48d2940111b83ffcc2e3acf5a5b2004277105fd22be9
> > apache-maven-3.8.6-bin.tar.gz sha512:
> >
> >
> f790857f3b1f90ae8d16281f902c689e4f136ebe584aba45e4b1fa66c80cba826d3e0e52fdd04ed44b4c66f6d3fe3584a057c26dfcac544a60b301e6d0f91c26
> >
> > Draft for release notes:
> > https://github.com/apache/maven-site/pull/303
> >
> >
> > Guide to testing staged releases:
> > http://maven.apache.org/guides/development/guide-testing-releases.html
> >
> > Vote open until 2021-06-12T12:00Z
> >
> > [ ] +1
> > [ ] +0
> > [ ] -1
> >
> > -
> > To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
> > For additional commands, e-mail: dev-h...@maven.apache.org
> >
> >
>

[MPH-183] effective-pom + verbose should show path to source

2022-06-07 Thread Maarten Mulders 

Hi all,

Over the past months, I have been working on an enhancement [1] for the 
Maven Help Plugin. The enhancement is about the effective-pom goal. If 
you pass it the 'verbose' parameter, it will include inline comments 
saying "this line of the effective pom is caused by this line in a 
different pom":



  org.example  
  mng-7344-dep-x  
  2  



This is not so useful when you have a long path of POMs referring to 
each other. It will only show the last POM of that trail, but not the 
intermediate POMs. This makes it hard for users to understand how their 
effective POM was constructed. In the enhanced version, 
help:effective-pom -Dverbose would show something like this:



  org.example  
  mng-7344-dep-x  
  2  




(I'm sorry, the output is hard to read in a plain-text email; a 
formatted version is available in the JIRA ticket [1].)



This enhancement requires changes in three projects:
1. Maven Help Plugin
2. Maven Core
3. Modello



Now that the proof of concept is there, I'd like to ask: is this an 
enhancement we want to incorporate into Maven? If so, I'll start by 
polishing the code a bit, and then open three separate merge requests. 
We can discuss the implementation there.


One particularly important thing to mention is that I did _not yet_ pay 
attention to backward compatibility of the Maven Help Plugin. I believe 
we can do this in a decent way - it wasn't the first priority for the 
proof of concept.



I'm looking forward to hearing your thoughts on this.


Thanks,


Maarten



[1] https://issues.apache.org/jira/browse/MPH-183

-
To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
For additional commands, e-mail: dev-h...@maven.apache.org

[VOTE] Release Apache Maven Enforcer Plugin version 3.1.0

2022-06-07 Thread Slawomir Jaranowski 
Hi,

We solved 13 issues:
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317520=12341008


There are still a couple of issues left in JIRA:
https://issues.apache.org/jira/issues/?jql=project%20%3D%20MENFORCER%20AND%20resolution%20%3D%20Unresolved%20ORDER%20BY%20key%20DESC

Staging repo:
https://repository.apache.org/content/repositories/maven-1761/
https://repository.apache.org/content/repositories/maven-1761/org/apache/maven/enforcer/enforcer/3.1.0/enforcer-3.1.0-source-release.zip

Source release checksum(s):
enforcer-3.1.0-source-release.zip - SHA-512 :
7f39b05774cbf0fe51b8660beb9abf723c7c0f0ae87cc472f5045e95f0c535cb7810703007059dda6676ea08eca379dd628a6394651224110bf3dd95a4966580

Staging site:
https://maven.apache.org/enforcer-archives/enforcer-LATEST/

Guide to testing staged releases:
https://maven.apache.org/guides/development/guide-testing-releases.html

Vote open for at least 72 hours.

[ ] +1
[ ] +0
[ ] -1

-- 
Sławomir Jaranowski

Re: [VOTE] Release Apache Maven Enforcer Plugin version 3.0.1

2022-06-07 Thread Slawomir Jaranowski 
Release dropped.

pon., 6 cze 2022 o 23:55 Slawomir Jaranowski 
napisał(a):

>
>
> pon., 6 cze 2022 o 22:02 Michael Osipov  napisał(a):
>
>> Am 2022-06-06 um 21:46 schrieb Slawomir Jaranowski:
>> > Hi,
>> >
>> > We solved 13 issues:
>> >
>> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317520=12346527
>>
>> ^^ wrong:
>> https://issues.apache.org/jira/projects/MENFORCER/versions/12341008
>>
>> changes like "[MENFORCER-419] Upgrade Maven to 3.2.5" require a new
>> minor version.
>>
>>
> You're right.
> Tomorrow I will drop this release and prepare 3.1.0
>
>
>
>> -
>> To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
>> For additional commands, e-mail: dev-h...@maven.apache.org
>>
>>
>
> --
> Sławomir Jaranowski
>


-- 
Sławomir Jaranowski

Re: [VOTE] Release Apache Maven version 3.8.6

2022-06-07 Thread Romain Manni-Bucau 
+1, works well on tested projects and toolings

Romain Manni-Bucau
@rmannibucau  |  Blog
 | Old Blog
 | Github  |
LinkedIn  | Book



Le lun. 6 juin 2022 à 19:18, Michael Osipov  a écrit :

> Hi,
>
> We solved 16 issues:
>
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12316922=12351556
>
> There are still hundreds of issues left in JIRA:
>
> https://issues.apache.org/jira/issues/?jql=project%20%3D%20MNG%20AND%20resolution%20%3D%20Unresolved
>
> Staging repo:
> https://repository.apache.org/content/repositories/maven-1759/
>
> Dev dist directory:
> https://dist.apache.org/repos/dist/dev/maven/maven-3/3.8.6/
>
> Source release checksums:
> apache-maven-3.8.6-src.zip sha512:
>
> cfa8b7e5f965d4da8d0e098889b98fccf3eec70ac500c452a5257ca9f8b5e75d200ba51d89c0be6e06072255b71d8a0c0f21ee3e3d4ba6152ea72007b497344a
> apache-maven-3.8.6-src.tar.gz sha512:
>
> 03366d0d34bba79ce6f0d5e88390e360fbf2f61c273bc18885a21a6d4dcdf5eca14fe4d902735e4fcb03db32327be086e3927d259c519aa790f42142cfcb
>
> Binary release checksums:
> apache-maven-3.8.6-bin.zip sha512:
>
> f92dbd90060c5fd422349f844ea904a0918c9c9392f3277543ce2bfb0aab941950bb4174d9b6e2ea84cd48d2940111b83ffcc2e3acf5a5b2004277105fd22be9
> apache-maven-3.8.6-bin.tar.gz sha512:
>
> f790857f3b1f90ae8d16281f902c689e4f136ebe584aba45e4b1fa66c80cba826d3e0e52fdd04ed44b4c66f6d3fe3584a057c26dfcac544a60b301e6d0f91c26
>
> Draft for release notes:
> https://github.com/apache/maven-site/pull/303
>
>
> Guide to testing staged releases:
> http://maven.apache.org/guides/development/guide-testing-releases.html
>
> Vote open until 2021-06-12T12:00Z
>
> [ ] +1
> [ ] +0
> [ ] -1
>
> -
> To unsubscribe, e-mail: dev-unsubscr...@maven.apache.org
> For additional commands, e-mail: dev-h...@maven.apache.org
>
>

Re: A Maven extension for dependency tracking

2022-06-07 Thread Grzegorz Grzybek 
Thanks Tamas. I'm looking at
https://github.com/apache/maven-resolver/pull/182 today (and apologies for
delay - other tasks...).
See inline.

pt., 27 maj 2022 o 21:19 Tamás Cservenák  napisał(a):

> Howdy, inline, also PR updated, simplified, and added a "demo" listener
> that does exactly what you wanted.
>
> On Fri, May 27, 2022 at 8:24 AM Grzegorz Grzybek 
> wrote:
>
> > Hello and thank you very much for your time ;)
> >
> > This looks exactly how I imagined it ;) - that the path is reachable via
> > the RequestTrace!
> > Doing everything in the RepositoryListener (correct me if I'm wrong, but
> > artifactResolved() is called both after remote access and when the
> artifact
> > is found in local repo?) looks very clean, because it's natural to
> register
> > such listeners - much more natural than extending some crucial classes
> from
> > the resolver.
> >
> >
> Yes, now you can do everything as a listener. There is a "demo" added that
> does exactly what you want.
> Still, the warning stands: listener "steals" time from collection,
> collecting is "hot", so be quick! :)
> But now we are thread-safe as well, so "parallel pom" download will work as
> well.
> (there is one thing I need to fix: for this safety I need to COPY the path
> list, as once multithreaded, that list will change!!!)
>

So in ideal situation (no listener registered), the only cost would be the
copy.
I'll check collectStepTrace() impact by building some of my projects and
I'll let you know.


>
>
> >
> > I remember you mentioned this "end graph", but I didn't find a place
> (hook,
> > listener) where I can get it - could you please point me to the class?
> >
>
> I was talking about another extension point to be added, which is not
> there.
> But now I am unsure if it is needed or not...
>

ok, so no full tree, but just a path collected in RequestTrace - that's
what I needed ;)


>
>
> >
> > I think artifactResolved() callback was called not only for POMs... and
> all
> > the changes made to the collector were supposed to prepare the dependency
> > path, so I didn't see a problem here. But you're the expert ;)
>
>
> Yes, event is called a bit more: for every artifact being resolved, that
> means that is called
> for POMs (when artifactDescriptorRequest is run in collector), but that one
> request may trigger SEVERAL
> events, like for the POM, then for it's parent POM, then for parent parent
> POM etc. This is model builder, that
> is building the effective POM for a given artifact, and in case it has a
> parent POM, hence it needs to be resolved
> as well.
>

And THAT was exactly the reason I wanted to track everything. Yes - I
wanted parent poms, grandparent poms, parents of boms, etc...


>
> Hence, there is that little "trick" in place that ensures that tree is
> written only once, see the demo listener.
> It could be improved even more (like in the case of mvnd, where you may
> have several ongoing sessions at once).
>

Thanks - I promise to check PR#182 this week.

regards
Grzegorz Grzybek


>
> HTH
> Tamas
>